clock menu more-arrow no yes mobile

Filed under:

US officials claim Iran behind cyberattack on Saudi oil firm, suggest it's a retaliation

New, 19 comments
Saudi Aramco oil
Saudi Aramco oil

Iran may be retaliating to US- and Israeli-sponsored cyberattacks like Stuxnet and Flame, both of which were used to fight against Iran's nuclear program. According to The New York Times, US intelligence officials are placing the blame for August's devastating attack on the Saudi Aramco oil company squarely on Iran. Unfortunately, no evidence is given to support the claim, but if officials are right, the attack would represent an escalation of cyberwarfare between the US and Israel and Iran.

The attack on Saudi Aramco — Saudi Arabia's state-owned oil company — was perpetrated by people with inside access to the company's networks during an Islamic holiday, and it wiped out data on 75 percent of the firm's computers using a virus called Shamoon. A group called the Cutting Sword of Justice claimed responsibility for the attack at first, but some have been suspecting that the group (and its motives) were meant to obscure Iranian involvement. Suspicions that Iran performed the attacks partly came from researchers who noticed that the erasing component inside of Shamoon borrowed the name "Wiper" from the US-developed Flame worm.

Should US officials' claims hold up, this wouldn't be the first cyberattack blamed on Iran — some have pointed the finger at the country for attacks that affected six US banks. As is often the case with such attacks, questions certainly remain about motives and the parties involved. Things would clear up if US officials could provide evidence, but, either way, Iran remains a primary suspect, with Richard A. Clarke, once a counter-terrorism adviser on the National Security Council, telling the Times that "the attacks were intended to say: ‘If you mess with us, you can expect retaliation.’"